Hi Chris, To elaborate more on what I am trying to say. The use of option '--fake' whether '--no-mtab' is present or not done by root will cause a 'umount failed: Operation not permitted' when umount by a original user. This is rather unexpected since '--fake' should be a simulation and all the more unexpected if '--no-mtab' is specified.
Sincerely, Simon On Mon, Dec 28, 2020 at 9:00 AM Debian Bug Tracking System < ow...@bugs.debian.org> wrote: > This is an automatic notification regarding your Bug report > which was filed against the mount package: > > #950771: mount: unexpected behaviour with "-f" option > > It has been closed by Chris Hofstaedtler <z...@debian.org>. > > Their explanation is attached below along with your original report. > If this explanation is unsatisfactory and you have not received a > better one in a separate message then please contact Chris Hofstaedtler < > z...@debian.org> by > replying to this email. > > > -- > 950771: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950771 > Debian Bug Tracking System > Contact ow...@bugs.debian.org with problems > > > > ---------- Forwarded message ---------- > From: Chris Hofstaedtler <z...@debian.org> > To: Simon <simon.omni....@gmail.com>, 950771-d...@bugs.debian.org > Cc: > Bcc: > Date: Mon, 28 Dec 2020 01:56:47 +0100 > Subject: Re: Bug#950771: mount: unexpected behaviour with "-f" option > * Simon <simon.omni....@gmail.com> [201228 00:54]: > > Using mount with '-f' will write to /run/mount/utab. > > I think the '-n' option should be included implicitly since it is just a > simulation? > > No. The man page even says (paraphrased) "-f can be used after -n". > > > When the root user does a mount with '-f' on a device previously mounted > by another user granted with option 'user' specified in an entry of > /etc/fstab, > > an umount by the original user will cause a 'umount failed: Operation > not permitted' > > Thats probably expected. > > > -- Comments/feeback/question: > > Not sure how and if namespaces/context option can help alter user/group > during a mount by root user. > > Is there a way to restict which user/group can mount a device using > user=XXX,group=xxx option in /etc/fstab since that is how /run/mount/utab > is recorded? > > Not using mount or in /etc/fstab. Maybe policykit can provide finer > grained control. > > Closing this for now. > > Chris > > > ---------- Forwarded message ---------- > From: Simon <simon.omni....@gmail.com> > To: Debian Bug Tracking System <sub...@bugs.debian.org> > Cc: > Bcc: > Date: Thu, 06 Feb 2020 09:56:35 +0800 > Subject: mount: unexpected behaviour with "-f" option > Package: mount > Version: 2.33.1-0.1 > Severity: minor > > -- Additional info: > Using mount with '-f' will write to /run/mount/utab. > I think the '-n' option should be included implicitly since it is just a > simulation? > > When the root user does a mount with '-f' on a device previously mounted > by another user granted with option 'user' specified in an entry of > /etc/fstab, > an umount by the original user will cause a 'umount failed: Operation not > permitted' > > -- Comments/feeback/question: > Not sure how and if namespaces/context option can help alter user/group > during a mount by root user. > Is there a way to restict which user/group can mount a device using > user=XXX,group=xxx option in /etc/fstab since that is how /run/mount/utab > is recorded? > > -- System Information: > Debian Release: 10.2 > APT prefers stable-updates > APT policy: (500, 'stable-updates'), (500, 'stable') > Architecture: amd64 (x86_64) > > Kernel: Linux 4.19.0-6-amd64 (SMP w/8 CPU cores) > Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 > (charmap=UTF-8) > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > LSM: AppArmor: enabled > > Versions of packages mount depends on: > ii libblkid1 2.33.1-0.1 > ii libc6 2.28-10 > ii libmount1 2.33.1-0.1 > ii libselinux1 2.8-1+b1 > ii libsmartcols1 2.33.1-0.1 > ii util-linux 2.33.1-0.1 > > mount recommends no packages. > > Versions of packages mount suggests: > pn nfs-common <none> > > -- no debconf information >